nt0xa / sonar
Sonar is a security researcher's Swiss army knife for finding and exploiting vulnerabilities that require out-of-band interactions
☆13Updated last month
Alternatives and similar repositories for sonar:
Users that are interested in sonar are comparing it to the libraries listed below
- Unofficial documentation for the great tool Param Miner☆178Updated 2 years ago
- Prototype Pollution Scanner☆112Updated 3 years ago
- Generate wordlists for fuzzing API method names☆55Updated 4 years ago
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆28Updated 2 years ago
- ☆151Updated last year
- A permutation generation tool written in golang☆211Updated 5 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 4 years ago
- List of fresh DNS resolvers updated daily☆109Updated 2 years ago
- Adds a customizable "Send to..."-context-menu to your BurpSuite.☆153Updated 2 years ago
- Check bitrix vulnerabilities☆70Updated last year
- Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).☆66Updated 6 years ago
- Urls de-duplication tool for better recon.☆139Updated 8 months ago
- An MS Sharepoint and Frontpage Auditing Tool☆45Updated 3 months ago
- ☆42Updated 4 years ago
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆93Updated last year
- Burp Extension that copies a request and builds a FFUF skeleton☆111Updated last year
- ☆95Updated 3 years ago
- Burpsuite plugin for Interact.sh☆215Updated 8 months ago
- Common Web Managers Fuzz Wordlists☆174Updated this week
- ☆170Updated 3 years ago
- Wordlist to bruteforce for LFI☆123Updated 5 years ago
- ☆70Updated 3 years ago
- jenkinz is a tool to retrieve every build for every job ever created and run on a given Jenkins instance.☆67Updated 5 years ago
- Nuclei templates written by us.☆267Updated 3 years ago
- Turbo Intruder Scripts☆222Updated 4 years ago
- LFI Payloads List coolected from github repos☆76Updated 4 years ago
- ☆66Updated 2 years ago
- Identify virtual hosts by similarity comparison☆117Updated 7 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆132Updated 8 months ago